Arjit Gupta
2016-Dec-20 14:43 UTC
[Samba] samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
Hi ,
Below is the content of smb.conf file for ADS member.
[global]
password server = WIN2008.CIFSDOM.COM
client ldap sasl wrapping = plain
security = ADS
workgroup = CIFSDOM
realm = CIFSDOM.COM
guest account = smbnull
log file = /var/log/samba/%m.log
log level = 10
# Default idmap config used for BUILTIN and local accounts/groups
idmap config *:backend = tdb
idmap config *:range = 2000-9999
# Use template settings for login shell and home directory
winbind nss info = template
template shell = /sbin/false
template homedir = /home/%U
winbind enum users = yes
winbind enum groups = yes
username map = /etc/opt/samba/users.map
[tmp]
comment = Temporary file space
path = /tmp
read only = no
Arjit Kumar
On Tue, Dec 20, 2016 at 2:33 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Tue, 20 Dec 2016 14:23:14 +0530
> Arjit Gupta via samba <samba at lists.samba.org> wrote:
>
> > Hi,
> >
> > Issue Background:-
> >
> > 1. Configure samba as member to ADS/NT4 server
> > 2. Share a folder from samba member server
> >
> > Issue:-
> >
> > - Try to access share folder from domain user(other non admin user
> > which exists in ADS/NT4 server).
> > - It fails with with error NT_STATUS_NO_SUCH_USER.
> >
> > From the log it seems that winbind is able to find and authenticate
> > the user. but smbd fails to get user logs NT_STATUS_NO_SUCH_USER
> > error.
> >
> > Please let me know if any more information is required at my end.
> >
> > Arjit Kumar
>
> ADS == Active Directory
> NT4 != Active Directory
>
> Which is it ???
>
> Can you post your smb.conf
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
Rowland Penny
2016-Dec-20 15:00 UTC
[Samba] samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
On Tue, 20 Dec 2016 20:13:28 +0530 Arjit Gupta <arjitk.gupta at gmail.com> wrote:> Hi , > > Below is the content of smb.conf file for ADS member. > > [global] > password server = WIN2008.CIFSDOM.COM > > client ldap sasl wrapping = plain > security = ADS > workgroup = CIFSDOM > realm = CIFSDOM.COM > > guest account = smbnull > > log file = /var/log/samba/%m.log > log level = 10 > > # Default idmap config used for BUILTIN and local accounts/groups > idmap config *:backend = tdb > idmap config *:range = 2000-9999 > > > > # Use template settings for login shell and home directory > winbind nss info = template > template shell = /sbin/false > template homedir = /home/%U > > winbind enum users = yes > winbind enum groups = yes > > username map = /etc/opt/samba/users.map > [tmp] > comment = Temporary file space > path = /tmp > read only = no > > > Arjit Kumar > >You don't seem to have set up the domain 'idmap config' lines, Have a look here: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member Rowland
Arjit Gupta
2016-Dec-20 17:03 UTC
[Samba] samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
Hi,
I have added below lines in smb.conf
idmap config CIFSDOM:backend = rid
idmap config CIFSDOM:range = 10000-999999
But still i am getting same error.
*I am also attaching logs *
*winbind logs:-*
userinfos: struct wbint_userinfo
acct_name : *
acct_name : 'gold'
full_name : *
full_name : 'gold'
homedir : *
homedir : '/home/%U'
shell : *
shell :
'/sbin/false'
primary_gid : 0xffffffffffffffff
(-1)
user_sid :
S-1-5-21-3309633207-894445730-3307837412-1122
group_sid :
S-1-5-21-3309633207-894445730-3307837412-513
result : NT_STATUS_OK
[ 6958]: pam auth crap domain: [CIFSDOM] user: gold
[2016/12/20 21:50:11.811213, 10, pid=6857, effective(0, 3), real(0, 3),
class=winbind] ../source3/winbindd/winbindd.c:800(wb_request_done)
wb_request_done[6958:PAM_AUTH_CRAP]: NT_STATUS_OK
[ 6959]: pam auth crap domain: [CIFSDOM] user: gold
[2016/12/20 21:50:14.166504, 10, pid=6857, effective(0, 3), real(0, 3),
class=winbind] ../source3/winbindd/winbindd.c:800(wb_request_done)
wb_request_done[6959:PAM_AUTH_CRAP]: NT_STATUS_OK
*logs for client machine:-*
DomainName : 'CIFSDOM'
UserNameLen : 0x0008 (8)
UserNameMaxLen : 0x0008 (8)
UserName : *
UserName : 'gold'
WorkstationLen : 0x0012 (18)
WorkstationMaxLen : 0x0012 (18)
Workstation : *
Workstation : 'windowsclient'
EncryptedRandomSessionKeyLen: 0x0010 (16)
EncryptedRandomSessionKeyMaxLen: 0x0010 (16)
EncryptedRandomSessionKey: *
EncryptedRandomSessionKey: DATA_BLOB length=16
Got user=[gold] domain=[CIFSDOM] workstation=[windowsclient] len1=24
len2=298
[2016/12/20 21:50:11.769896, 10, pid=6958, effective(0, 0), real(0, 0)]
../auth/ntlmssp/ntlmssp_server.c:483(ntlmssp_server_preauth)
[2016/12/20 21:50:11.769939, 1, pid=6958, effective(0, 0), real(0, 0)]
../librpc/ndr/ndr.c:413(ndr_print_debug)
Scanning username map /etc/opt/samba/users.map
[2016/12/20 21:50:11.775246, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:219(user_in_list)
user_in_list: checking user gold in list
[2016/12/20 21:50:11.775297, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |gold| against |CDOM\Administrator|
[2016/12/20 21:50:11.775352, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |gold| against |CDOM\administrator|
[2016/12/20 21:50:11.775406, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |gold| against |CIFSDOM\Administrator|
[2016/12/20 21:50:11.775468, 8, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:464(map_username)
The user 'gold' has no mapping. Skip it next time.
[2016/12/20 21:50:11.775519, 5, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_util.c:117(make_user_info_map)
Mapping user [CIFSDOM]\[gold] from workstation [windowsclient]
[2016/12/20 21:50:11.777640, 5, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:62(make_user_info)
attempting to make a user_info for gold (gold)
[2016/12/20 21:50:11.777709, 5, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:70(make_user_info)
making strings for gold's user_info struct
[2016/12/20 21:50:11.777788, 5, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:108(make_user_info)
making blobs for gold's user_info struct
[2016/12/20 21:50:11.777843, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:159(make_user_info)
made a user_info for gold (gold)
[2016/12/20 21:50:11.777905, 3, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:178(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user
[CIFSDOM]\[gold]@[windowsclient] with the new password interface
[2016/12/20 21:50:11.777966, 3, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:181(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [CIFSDOM]\[gold]@[windowsclient]
2016/12/20 21:50:11.778026, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:190(auth_check_ntlm_password)
check_ntlm_password: auth_context challenge created by random
[2016/12/20 21:50:11.778078, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:192(auth_check_ntlm_password)
challenge is:
[2016/12/20 21:50:11.778132, 5, pid=6958, effective(0, 0), real(0, 0)]
../lib/util/util.c:555(dump_data)
[0000] 39 C2 DB B9 7C B4 83 03 9...|...
[2016/12/20 21:50:11.778297, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_builtin.c:41(check_guest_security)
Check auth for: [gold]
[2016/12/20 21:50:11.778351, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password)
check_ntlm_password: guest had nothing to say
[2016/12/20 21:50:11.778411, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_sam.c:75(auth_samstrict_auth)
Check auth for: [gold]
[2016/12/20 21:50:11.778485, 8, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/util.c:1239(is_myname)
is_myname("CIFSDOM") returns 0
[2016/12/20 21:50:11.778548, 6, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_sam.c:88(auth_samstrict_auth)
check_samstrict_security: CIFSDOM is not one of my local names
(ROLE_DOMAIN_MEMBER)
[2016/12/20 21:50:11.778605, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password)
check_ntlm_password: sam had nothing to say
[2016/12/20 21:50:11.778666, 10, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_winbind.c:50(check_winbind_security)
Check auth for: [gold]
Scanning username map /etc/opt/samba/users.map
[2016/12/20 21:50:11.811948, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:219(user_in_list)
user_in_list: checking user CIFSDOM\gold in list
[2016/12/20 21:50:11.811999, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CDOM\Administrator|
[2016/12/20 21:50:11.812070, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CDOM\administrator|
[2016/12/20 21:50:11.812125, 10, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CIFSDOM\Administrator|
[2016/12/20 21:50:11.812188, 8, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:464(map_username)
The user 'CIFSDOM\gold' has no mapping. Skip it next time.
[2016/12/20 21:50:11.812266, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user CIFSDOM\gold
[2016/12/20 21:50:11.812320, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is CIFSDOM\gold
[2016/12/20 21:50:11.812882, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:128(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as given is CIFSDOM\gold
[2016/12/20 21:50:11.813082, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:141(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as uppercase is CIFSDOM\GOLD
[2016/12/20 21:50:11.813266, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:153(Get_Pwnam_internals)
Checking combinations of 0 uppercase letters in CIFSDOM\gold
[2016/12/20 21:50:11.813327, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals didn't find user [CIFSDOM\gold]!
[2016/12/20 21:50:11.813382, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user gold
[2016/12/20 21:50:11.813432, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is gold
[2016/12/20 21:50:11.813605, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:141(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as uppercase is GOLD
[2016/12/20 21:50:11.813878, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:153(Get_Pwnam_internals)
Checking combinations of 0 uppercase letters in gold
[2016/12/20 21:50:11.813942, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals didn't find user [gold]!
[2016/12/20 21:50:11.814279, 3, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_util.c:1229(check_account)
Failed to find authenticated user CIFSDOM\gold via getpwnam(), denying
access.
[2016/12/20 21:50:11.814360, 5, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:252(auth_check_ntlm_password)
check_ntlm_password: winbind authentication for user [gold] FAILED with
error NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:11.814442, 2, pid=6958, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [gold] -> [gold] FAILED
with error NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:11.814503, 5, pid=6958, effective(0, 0), real(0, 0)]
../source3/auth/auth_ntlmssp.c:188(auth3_check_password)
Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:11.814571, 5, pid=6958, effective(0, 0), real(0, 0)]
../auth/ntlmssp/ntlmssp_server.c:737(ntlmssp_server_check_password)
../auth/ntlmssp/ntlmssp_server.c:737: Checking NTLMSSP password for
CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:11.814643, 2, pid=6958, effective(0, 0), real(0, 0)]
../auth/gensec/spnego.c:720(gensec_spnego_server_negTokenTarg)
SPNEGO login failed: NT_STATUS_NO_SUCH_USER
DomainNameLen : 0x0010 (16)
DomainNameMaxLen : 0x0010 (16)
DomainName : *
DomainName : 'CIFSDOM'
UserNameLen : 0x0008 (8)
UserNameMaxLen : 0x0008 (8)
UserName : *
UserName : 'gold'
WorkstationLen : 0x0012 (18)
WorkstationMaxLen : 0x0012 (18)
Workstation : *
Workstation : 'windowsclient'
[2016/12/20 21:50:14.125243, 3, pid=6959, effective(0, 0), real(0, 0)]
../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth)
Got user=[gold] domain=[CIFSDOM] workstation=[windowsclient] len1=24
len2=298
Scanning username map /etc/opt/samba/users.map
[2016/12/20 21:50:14.130606, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:219(user_in_list)
user_in_list: checking user gold in list
[2016/12/20 21:50:14.130657, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |gold| against |CDOM\Administrator|
[2016/12/20 21:50:14.130711, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |gold| against |CDOM\administrator|
[2016/12/20 21:50:14.130766, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |gold| against |CIFSDOM\Administrator|
[2016/12/20 21:50:14.130828, 8, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:464(map_username)
The user 'gold' has no mapping. Skip it next time.
[2016/12/20 21:50:14.130880, 5, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_util.c:117(make_user_info_map)
Mapping user [CIFSDOM]\[gold] from workstation [windowsclient]
[2016/12/20 21:50:14.133060, 5, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:62(make_user_info)
attempting to make a user_info for gold (gold)
[2016/12/20 21:50:14.133126, 5, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:70(make_user_info)
making strings for gold's user_info struct
[2016/12/20 21:50:14.133197, 5, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:108(make_user_info)
making blobs for gold's user_info struct
[2016/12/20 21:50:14.133251, 10, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/user_info.c:159(make_user_info)
made a user_info for gold (gold)
[2016/12/20 21:50:14.133313, 3, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:178(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user
[CIFSDOM]\[gold]@[windowsclient] with the new password interface
[2016/12/20 21:50:14.133374, 3, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:181(auth_check_ntlm_password)
check_ntlm_password: mapped user is: [CIFSDOM]\[gold]@[windowsclient]
2016/12/20 21:50:14.133799, 10, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_builtin.c:41(check_guest_security)
Check auth for: [gold]
[2016/12/20 21:50:14.133852, 10, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password)
check_ntlm_password: guest had nothing to say
[2016/12/20 21:50:14.133911, 10, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_sam.c:75(auth_samstrict_auth)
Check auth for: [gold]
[2016/12/20 21:50:14.134002, 8, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/util.c:1239(is_myname)
is_myname("CIFSDOM") returns 0
[2016/12/20 21:50:14.134068, 6, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_sam.c:88(auth_samstrict_auth)
check_samstrict_security: CIFSDOM is not one of my local names
(ROLE_DOMAIN_MEMBER)
[2016/12/20 21:50:14.134125, 10, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password)
check_ntlm_password: sam had nothing to say
[2016/12/20 21:50:14.134189, 10, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_winbind.c:50(check_winbind_security)
Check auth for: [gold]
Scanning username map /etc/opt/samba/users.map
[2016/12/20 21:50:14.167189, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:219(user_in_list)
user_in_list: checking user CIFSDOM\gold in list
[2016/12/20 21:50:14.167240, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CDOM\Administrator|
[2016/12/20 21:50:14.167295, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CDOM\administrator|
[2016/12/20 21:50:14.167351, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CIFSDOM\Administrator|
[2016/12/20 21:50:14.167413, 8, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:464(map_username)
The user 'CIFSDOM\gold' has no mapping. Skip it next time.
[2016/12/20 21:50:14.167488, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user CIFSDOM\gold
[2016/12/20 21:50:14.167542, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is CIFSDOM\gold
[2016/12/20 21:50:14.167991, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:128(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as given is CIFSDOM\gold
[2016/12/20 21:50:14.168158, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:141(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as uppercase is CIFSDOM\GOLD
[2016/12/20 21:50:14.168312, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:153(Get_Pwnam_internals)
Checking combinations of 0 uppercase letters in CIFSDOM\gold
[2016/12/20 21:50:14.168371, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals didn't find user [CIFSDOM\gold]!
[2016/12/20 21:50:14.168432, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user gold
[2016/12/20 21:50:14.168482, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is gold
[2016/12/20 21:50:14.168648, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:141(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as uppercase is GOLD
[2016/12/20 21:50:14.168800, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:153(Get_Pwnam_internals)
Checking combinations of 0 uppercase letters in gold
[2016/12/20 21:50:14.168858, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals didn't find user [gold]!
[2016/12/20 21:50:14.169184, 3, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_util.c:1229(check_account)
Failed to find authenticated user CIFSDOM\gold via getpwnam(), denying
access.
[2016/12/20 21:50:14.169262, 5, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:252(auth_check_ntlm_password)
check_ntlm_password: winbind authentication for user [gold] FAILED with
error NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:14.169348, 2, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [gold] -> [gold] FAILED
with error NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:14.169410, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/auth_ntlmssp.c:188(auth3_check_password)
Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:14.169479, 5, pid=6959, effective(0, 0), real(0, 0)]
../auth/ntlmssp/ntlmssp_server.c:737(ntlmssp_server_check_password)
../auth/ntlmssp/ntlmssp_server.c:737: Checking NTLMSSP password for
CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER
Scanning username map /etc/opt/samba/users.map
[2016/12/20 21:50:14.167189, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:219(user_in_list)
user_in_list: checking user CIFSDOM\gold in list
[2016/12/20 21:50:14.167240, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CDOM\Administrator|
[2016/12/20 21:50:14.167295, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CDOM\administrator|
[2016/12/20 21:50:14.167351, 10, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:224(user_in_list)
user_in_list: checking user |CIFSDOM\gold| against |CIFSDOM\Administrator|
[2016/12/20 21:50:14.167413, 8, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/user_util.c:464(map_username)
The user 'CIFSDOM\gold' has no mapping. Skip it next time.
[2016/12/20 21:50:14.167488, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user CIFSDOM\gold
[2016/12/20 21:50:14.167542, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is CIFSDOM\gold
[2016/12/20 21:50:14.167991, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:128(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as given is CIFSDOM\gold
[2016/12/20 21:50:14.168158, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:141(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as uppercase is CIFSDOM\GOLD
[2016/12/20 21:50:14.168312, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:153(Get_Pwnam_internals)
Checking combinations of 0 uppercase letters in CIFSDOM\gold
[2016/12/20 21:50:14.168371, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals didn't find user [CIFSDOM\gold]!
[2016/12/20 21:50:14.168432, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:181(Get_Pwnam_alloc)
Finding user gold
[2016/12/20 21:50:14.168482, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:120(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as lowercase is gold
[2016/12/20 21:50:14.168648, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:141(Get_Pwnam_internals)
Trying _Get_Pwnam(), username as uppercase is GOLD
[2016/12/20 21:50:14.168800, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:153(Get_Pwnam_internals)
Checking combinations of 0 uppercase letters in gold
[2016/12/20 21:50:14.168858, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/lib/username.c:159(Get_Pwnam_internals)
Get_Pwnam_internals didn't find user [gold]!
[2016/12/20 21:50:14.169184, 3, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth_util.c:1229(check_account)
Failed to find authenticated user CIFSDOM\gold via getpwnam(), denying
access.
[2016/12/20 21:50:14.169262, 5, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:252(auth_check_ntlm_password)
check_ntlm_password: winbind authentication for user [gold] FAILED with
error NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:14.169348, 2, pid=6959, effective(0, 0), real(0, 0),
class=auth] ../source3/auth/auth.c:315(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [gold] -> [gold] FAILED
with error NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:14.169410, 5, pid=6959, effective(0, 0), real(0, 0)]
../source3/auth/auth_ntlmssp.c:188(auth3_check_password)
Checking NTLMSSP password for CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER
[2016/12/20 21:50:14.169479, 5, pid=6959, effective(0, 0), real(0, 0)]
../auth/ntlmssp/ntlmssp_server.c:737(ntlmssp_server_check_password)
../auth/ntlmssp/ntlmssp_server.c:737: Checking NTLMSSP password for
CIFSDOM\gold failed: NT_STATUS_NO_SUCH_USER
Arjit Kumar
On Tue, Dec 20, 2016 at 8:30 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Tue, 20 Dec 2016 20:13:28 +0530
> Arjit Gupta <arjitk.gupta at gmail.com> wrote:
>
> > Hi ,
> >
> > Below is the content of smb.conf file for ADS member.
> >
> > [global]
> > password server = WIN2008.CIFSDOM.COM
> >
> > client ldap sasl wrapping = plain
> > security = ADS
> > workgroup = CIFSDOM
> > realm = CIFSDOM.COM
> >
> > guest account = smbnull
> >
> > log file = /var/log/samba/%m.log
> > log level = 10
> >
> > # Default idmap config used for BUILTIN and local accounts/groups
> > idmap config *:backend = tdb
> > idmap config *:range = 2000-9999
> >
> >
> >
> > # Use template settings for login shell and home directory
> > winbind nss info = template
> > template shell = /sbin/false
> > template homedir = /home/%U
> >
> > winbind enum users = yes
> > winbind enum groups = yes
> >
> > username map = /etc/opt/samba/users.map
> > [tmp]
> > comment = Temporary file space
> > path = /tmp
> > read only = no
> >
> >
> > Arjit Kumar
> >
> >
>
> You don't seem to have set up the domain 'idmap config' lines,
Have a
> look here:
>
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
Apparently Analagous Threads
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
- samba 4.5.0 on hpux ia64: smbd not able to use domain users for file sharing
- Again guest access and machine account...
- Problems Authetincating users by group in Active Directoy